AUSCERT Security Bulletin
A number of vulnerabilities have been identified in McAfee Email Gateway
4 December 2012
AusCERT Security Bulletin Summary
Product: McAfee Email Gateway (MEG) 7.0
McAfee Email Gateway (MEG) 7.0.1
McAfee Email Gateway (MEG) 7.0.2
Operating System: Network Appliance
VMWare ESX Server
Impact/Access: Cross-site Scripting -- Remote with User Interaction
Denial of Service -- Existing Account
Member content until: Thursday, January 3 2013
A number of vulnerabilities have been identified in McAfee Email
Gateway (MEG) prior to version 7.0.2 Hotfix 116. 
The vendor has provided the following details regarding these
The MEG 7.x Secure Web Delivery Client does not correctly handle email
attachment names, allowing specifically named files to execute as
user subsequently accesses their draft messages.
A malicious email can be constructed that results in an end-user
signing into a secure webmail account and running an arbitrary
The interaction can be as simple as hovering over the attachment.
Note that the invocation of this attack is limited by the need to
hijack an active session cookie.
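The attachment-name issue described above is an output-encoding problem: an untrusted filename placed into the draft view's markup without escaping can alter the surrounding HTML. The following is an added illustration, not McAfee's code; the function names and the markup shape are assumed, since the page does not describe the client's internals.

```javascript
// Added example (not from the advisory or the MEG product): rendering an
// attachment entry in a webmail draft view. Function names and markup are
// assumptions for illustration only.

// Encode untrusted text for use inside an HTML attribute value or text node.
function escapeHtmlAttr(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;'
  })[c]);
}

// Weak pattern: the filename is concatenated straight into the markup, so a
// name containing a double quote terminates the title attribute early and
// whatever follows is parsed as new attributes or tags.
function renderAttachmentUnsafe(filename) {
  return '<a class="att" title="' + filename + '">' + filename + '</a>';
}

// Hardened pattern: identical markup, but the name is encoded for the
// attribute context and for the text context before insertion.
function renderAttachmentSafe(filename) {
  const enc = escapeHtmlAttr(filename);
  return '<a class="att" title="' + enc + '">' + enc + '</a>';
}

// Cheap structural check for unit tests: the fragment should contain exactly
// two tag openers (<a ... > and </a>) and four raw double quotes (two
// attributes). Any extra means the filename altered the markup.
function looksIntact(html) {
  const tagOpens = (html.match(/</g) || []).length;
  const quotes = (html.match(/"/g) || []).length;
  return tagOpens === 2 && quotes === 4;
}
```

A filename such as the constructed `quarterly "final".pdf` passes `looksIntact` only through the hardened renderer; a rendering test of this kind catches the bug class before it reaches a user's draft folder.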
Denial of Service
MEG 7.x does not correctly verify administrative settings for
generating email via the Secure Web Mail Client. This allows a user
who would normally be unable to compose, forward, or reply to
messages to generate messages on the Appliance.
The unauthorized generation of many messages could cause a potential
Denial of Service (DoS) if the messages consume all available disk
space. Note that the severity of this attack is limited by the need
to hijack an active session cookie."
The vendor recommends updating to the latest version of McAfee Email
Gateway (MEG) to correct these issues. 
McAfee Security Bulletin - MEG 7.0.2 Hotfix resolves multiple
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
Australian Computer Emergency Response Team
The University of Queensland
Internet Email: firstname.lastname@example.org
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.